Bug#695614: CVE-2012-6303: buffer overflows

2013-01-17 Thread Sergei Golovan
Hi Jonathan. On Thu, Jan 17, 2013 at 3:42 PM, Jonathan Wiltshire wrote: > > Please prepare a minimal-changes upload targeting each of these suites, > and submit a debdiff to the Release Team [0] for consideration. They will > offer additional guidance or instruct you to upload your package. I'l

Bug#695614: CVE-2012-6303: buffer overflows

2013-01-17 Thread Jonathan Wiltshire
Package: snack Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the following suites through point releases: squeeze (6.0.7) - us

Bug#695614: CVE-2012-6303: buffer overflows

2013-01-01 Thread John Paul Adrian Glaubitz
On Wed, Jan 02, 2013 at 12:36:06AM +0100, Michael Karcher wrote: > The attached patch fixes the buffer overrun for the fixed-size header > buffer. I have verified the patch to work and I am currently preparing an updated snack package. I used the crafted WAV file from [1] and with the patched snac

Bug#695614: CVE-2012-6303: buffer overflows

2013-01-01 Thread Michael Karcher
The attached patch fixes the buffer overrun for the fixed-size header buffer. --- snack-2.2.10-dfsg1/generic/jkSoundFile.c 2005-12-14 12:29:38.0 +0100 +++ snack-2.2.10-dfsg1+karcher/generic/jkSoundFile.c 2013-01-02 00:29:56.836287036 +0100 @@ -1796,7 +1796,14 @@ GetHeaderBytes(Sound *s, Tc

Processed: Re: Bug#695614: CVE-2012-6303: buffer overflows

2012-12-11 Thread Debian Bug Tracking System
Processing control commands: > severity -1 grave Bug #695614 [snack] CVE-2012-6303: buffer overflows Severity set to 'grave' from 'important' -- 695614: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695614 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems